Find every companies secrets, passwords, api keys and accidentally exposed data on GitHub.
Category: External Penetration Tests
OSINT Unified Research Tool (Search Engine)
Another day, another great OSINT tool added to the toolset. This one being a all-in-one research tool.
Alternative to Google Hacking Database
Web application to help in search engine and especially google dorking!
NEW TOOL for Automated External Recon – Discovery – Vuln Scanning
A new piece for your arsenal for the automation of external penetration tests? Maybe not.
Using the WayBack Machine to create parameter wordlists
A tool to create parameter wordlists of whatever domains (and subdomains) via the internet archive (wayback machine)!
STOP USING DEFAULT PASSWORDS
A large trove of default username and passwords for all kinds of products!
Skipfish or Crunch but for DNS Enumeration?! :)
Another tool for external recon....check!
SubDomain Enumeration Cheat Sheet
Stumbled onto a great SubDomain/DNS Enumeration cheatsheet! Check it out!
Web App Pen Test against SalesForce
First step in a web application penetration test against SalesForce.
Interesting Wordlist Added to TreeHouse Wordlists
Still working on TreeHouse Wordlists. Found a super interesting resource, called DomainsProject. Check it out!!